[Mailman-Users] speed up mailman

Ruben Safir mrbrklyn at panix.com
Mon Feb 29 02:34:30 EST 2016 

On 02/29/2016 02:19 AM, Mark Sapiro wrote:
> On 02/28/2016 10:51 PM, Ruben Safir wrote:
>> On 02/29/2016 01:34 AM, Mark Sapiro wrote:
>>> I think we can fix your issue fairly simply.
>>>
>>> Please, as I asked in my reply at
>>> <https://mail.python.org/pipermail/mailman-users/2016-February/080524.html>,
>>> post the output from 'postconf -n' and the contents of mm_cfg.py.
>>
>>
>> Sorry, I got mixed up.  Its just probably the frustration.  Everyone
>> uses mailman, I don't know why I'm so stupid
>>
>>
> 
>> smtpd_recipient_restrictions = check_client_access
>> hash:/etc/postfix/helo_client_exceptions check_sender_access
>> hash:/etc/postfix/sender_checks, reject_invalid_hostname,
>> reject_non_fqdn_hostname, reject_non_fqdn_sender,
>> reject_non_fqdn_recipient, reject_unknown_sender_domain,
>> reject_unknown_recipient_domain, permit_mynetworks,
>> reject_unauth_destination, permit_mynetworks, reject_unauth_destination,
>> reject_invalid_hostname, reject_non_fqdn_hostname,
>> reject_non_fqdn_sender, reject_non_fqdn_recipient,
>> reject_unknown_sender_domain, reject_unknown_recipient_domain,
>> reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net
>> reject_rbl_client cbl.abuseat.org, permit
> 
> 
> This is almost certainly your problem. All those checks take time,
> especially if DNS is slow. If you send a message from a client and
> Postfix takes 5 seconds to accept it, it's no big deal. If Mailman sends
> to 10 or 20 recipients, and it takes Postfix a minute to respond, it
> still may be no big deal unless another two posts arrive in that minute
> , and so on until you have a big backlog.
> 
> I suggest that if you really want all those checks, that you set up a
> separate port for Mailman to send to without all those rbl lookups and
> recipient domain lookups. See below.
> 
> 
>> vim /usr/lib/mailman/Mailman/mm_cfg.py
>>
>> ###############################################
>> # Here's where we get the distributed defaults.
>>
>> from Defaults import *
>>
>> ##################################################
>> # Put YOUR site-specific settings below this line.
>> DEFAULT_URL_PATTERN = 'http://%s/mailman/'
>> DEFAULT_NNTP_HOST = 'www.mrbrklyn.com'
>> DEFAULT_EMAIL_HOST = 'nylxs.com'
>> DEFAULT_URL_HOST = 'www.nylxs.com'
>> MTA = 'Postfix'
>> POSTFIX_ALIAS_CMD = '/usr/sbin/postalias'
>> POSTFIX_MAP_CMD = '/usr/sbin/postmap'
>> DELIVERY_MODULE = 'SMTPDirect'
>> SMTPHOST = 'mrbrklyn.com'
>> SMTPPORT = '25'
> 
> 
> Here's where I'm suggesting changes. Pick a port, say 8000, although it
> could be anything that doesn't conflict.
> 
> Then change the above to
> 
> SMTPHOST = '127.0.0.1'
> SMTPPORT = 8000
> 
> (don't quote the port - it's a number, not a string)
> 
> Also, while you're at it I suggest adding
> 
> VERP_PASSWORD_REMINDERS = Yes
> VERP_PERSONALIZED_DELIVERIES = Yes
> VERP_DELIVERY_INTERVAL = 1
> 
> for more reliable bounce processing.
> 
> But, see below for changes to Postfix master.cf that you must make first.
> 
>> add_virtualhost(DEFAULT_URL_HOST, DEFAULT_EMAIL_HOST)
>> add_virtualhost('lists.mrbrklyn.com', 'mrbrklyn.com')
>> IMAGE_LOGOS = '/mailmanicons/'
>>
>>
>>
>> There is another one in apache:
>> I don't know if it is being used.
>> vim /usr/local/apache/conf/mailman/Mailman/mm_cfg.py
> 
> No, that shouldn't be used.
> 
> 
> In Postfix master.cf add the following stanza
> 
> 127.0.0.1:8000  inet  n       -       -       -        -      smtpd
>         -o smtpd_authorized_xforward_hosts=127.0.0.0/8
>         -o mynetworks=127.0.0.0/8
>         -o smtpd_recipient_restrictions=permit_mynetworks,reject
>         -o smtpd_client_restrictions=
>         -o smtpd_helo_restrictions=
>         -o smtpd_sender_restrictions=
>         -o smtpd_data_restrictions=
> 
> Make this addition to Postfix master.cf and reload Postfix. Only after
> you've done that and Postfix is listening on the loopback interface port
> 8000, make the changes to mm_cfg.py and restart Mailman.
> 

OK .  That port is restricted to a 12.0.0.0/8 relay?  The last thing I
need is for someone to be monitoring this list and pounding port 8000
for a spam relay.

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

More information about the Mailman-Users mailing list